1. SACM IETF 96 July 18 & 22, 2016 Adam Montville Karen O'Donoghue

2. Note Well This summary is only meant to point you in the right direction, and doesn't have all the nuances. The IETF's IPR Policy is set forth in BCP 79; please read it carefully. The brief summary:  By participating with the IETF, you agree to follow IETF processes.  If you are aware that a contribution of yours (something you write, say, or discuss in any IETF context) is covered by patents or patent applications, you need to disclose that fact.  You understand that meetings might be recorded, broadcast, and publicly archived. For further information, talk to a chair, ask an Area Director, or review the following: BCP 9 (on the Internet Standards Process) BCP 25 (on the Working Group processes) BCP 78 (on the IETF Trust) BCP 79 (on Intellectual Property Rights in the IETF) 2

3. Administrative Tasks Note takers Jabber scribe 3

4. Agenda (18 July) 1.Logistitcs, note takers – chairs – 5m 2.WG Status – chairs – 10m 3.Software Identification Draft Open Issues – Charles/Gunnar – 60m 4.Information Model open issues – Danny – 20m 5.Endpoint Information Data Format – Danny – 20m 6.Terminology draft update -- Henk – 20m 7.Work plan for the week – chairs/all – 15m 4

5. Agenda (22 July) 1.Logistitcs, note takers – chairs – 5m 2.Endpoint Information Data Format – Danny – 20m 3.Information Model Update – Danny – 15m 4.Coswid Draft – Henk – 15m 5.Vulnerability draft – chairs – 5m 6.AOB 5

6. Way Forward (from last meeting) Complete IM Merge –Draft update NLT July 8 Get requirements to IESG Update to Software Identification draft –Draft update NLT July 8 Complete Vulnerability “WGLC” before IETF 96 –Doesn’t have to advance the draft 6

7. Status Updated Drafts (as of 8 July) –Information Model –Terminology –Vulnerability Scenario Drafts expected, but not updated –Software Identification Requirements haven’t yet been submitted to IESG WGLC on vulnerability draft hasn’t yet happened 7

8. Way Forward Complete IM Merge Update SWID M&A draft prior to September IV Update Requirement (DM-001) and submit to IESG before September IV Complete Vulnerability “WGLC” after IETF 96 8